X-Virus-Scanned: clean according to Sophos on Logan.com Return-Path: Received: from [65.173.216.69] (account rob@logan.com HELO [192.168.95.252]) by logan.com (CommuniGate Pro SMTP 6.0.8) with ESMTPSA id 6682409; Fri, 10 Jan 2014 15:20:41 -0500 Message-ID: <52D055E6.5060402@Logan.com> Date: Fri, 10 Jan 2014 15:19:50 -0500 From: Rob Logan User-Agent: Mozilla/5.0 (X11; SunOS i86pc; rv:6.0.2) Gecko/20111003 Thunderbird/6.0.2 MIME-Version: 1.0 To: alldomains@logan.com, Lancair Mailing List Subject: Yahoo Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit mail from our server is sent encrypted as much a possible, but Yahoo's new encryption code fails to connect to ours causing email delays to yahoo and other sites hoisted by yahoo (sbcglobal.net) for now I have turned off encrypted mail until yahoo fully implements PFS. --Yahoo! Mail Now Encrypted by Default (January 9, 2014) While Yahoo! has at last adopted default HTTPS encryption for Yahoo! Mail, the company is facing criticism over its "failure to follow industry best practices in rolling out" the encryption. Yahoo! has supported full-session HTTPS since 2012, but until now, it has been an opt-in feature. Yahoo!'s implementation of HTTPS encryption is not consistent across servers and includes flaws that leave it vulnerable to snooping. Yahoo!'s implementation of the encryption is missing what is known as Perfect Forward Secrecy, which is used by Google, Microsoft, and Twitter. http://www.computerworld.com/s/article/9245258/Yahoo_email_encryption_standard_needs_work http://www.theregister.co.uk/2014/01/09/yahoo_always_on_crypto_unstrong/ Rob